Manualshelf

User Manual

ManualsBrandsPLANET Technology ManualsLAN SwitchesLayer 3 24-Port 10G SFP+ + 4-Port 100G QSFP28 Managed Switch
361362363364365366367368369370
366
Users Manual of XGS-6350-24X4C
at slot X.
filter arp
Detects the arp attack.
The ARP attack takes the host’s MAC address and the source port as the attack source, that is, message
from the same MAC address but different ports cannot be calculated together. Both the IGMP attack and IP
attack take the host’s IP address and source port as the attack source.
Remember that the IGMP attack prevention and the IP attack prevention cannot be started up together.
42.1.3.3 Starting up the Attack Prevention Function
After all parameters for attack prevention are set, you can start up the attack prevention function. Note that
small parts of processor source will be occupied when the attack prevention function is started.
Command Description
filter enable
Starts up the attack prevention function.
Use the no filter enable command to disable the attack prevention function and remove the block to all attack
sources.
42.1.3.4 Checking the State of Attack Prevention
After attack prevention is started, you can run the following command to check the state of attack prevention:
Command Description
show filter
Checks the state of attack prevention.
42.1.4 Attack Prevention Configuration Example
To enable the IGMP attack prevention and the ARP attack prevention on port 1/2, consider any host that
sends more than 1200 pieces of message within 15 seconds as the attack source and to cut off network
service for any attack source.
filter period 15
filter threshold 1200
filter block-time 600
interface f1/2
filter arp
exit
filter enable